1. Field of the Invention
The present invention relates to a system and method that encrypt a packet to perform communication, and more particularly to a communication system and method that encrypt a packet using an IP-SEC encrypting method to perform communication, a Network control apparatus (such as LAN control apparatus) with an encryption processing function, and a communication control program.
2. Description of the Related Art
Conventionally, there is carried out communication in which a security function is added to a TCP/IP based on an IP-SEC (IP Security Protocol). A LAN (Local Area Network) control apparatus with the security functions based on the IP-SEC encrypts a packet to be sent to LAN from an upper apparatus such as a personal computer etc., based on an IP-SEC standard to transmit the encrypted packet, and decodes the encrypted packet received and transmits the decoded packet to the upper apparatus.
In recent years, the proportion of data encryption by software processing has increased. Also, the amount of using LAN network increases with the widespread use of server client apparatuses and the importance of data to be handled is improved. For this reason, a system having high reliability and faster processing speed is demanded.
However, in order to response to this demand, the prior art had the following problems.
First, the conventional LAN control apparatus had a problem that a large load was applied on the CPU at the time of encrypting and decoding processing and much time was required for the processing.
Secondly, in the conventional LAN control apparatus, transmission data from the upper apparatus is transmitted to a LAN interface based on the LAN standard. Regarding the packet subjected to IP-SEC encryption based on the IP-SEC standard, data for decoding data subjected to IP-SEC encryption is recorded as authentication data of an IP-SEC header for the transmission packet. As a result, the transmission packet sent to a LAN network via the LAN interface is stolen by a third person (an unauthorized user) and the IP-SEC encryption is decoded, causing a risk that important secret data is relatively easily leaked out.
The IP-SEC encryption technique is disclosed in, for example, Unexamined Japanese Patent Application KOKAI Publication No. 2001-313679 (which corresponds to the U.S. patent application Ser. No. 09/518,399) and Unexamined Japanese Patent Application KOKAI Publication No. 2001-298449. The disclosure of these publications is incorporated herein by reference.